Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/QXME_nocP-1sqde83cDHHbzhCJ0.roa
File: QXME_nocP-1sqde83cDHHbzhCJ0.roa (raw, json)
Hash identifier: 0yv/VCkMShc0gzMrcVsD8bknIaX9DcQ4dRTECVApCjE=
Subject key identifier: 41:73:04:FE:7A:1C:3F:ED:6C:A9:D7:BC:DD:C0:C7:1D:BC:E1:08:9D
Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221
Certificate serial: 161A
Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/QXME_nocP-1sqde83cDHHbzhCJ0.roa
Signing time: Sun 16 Feb 2025 03:24:11 +0000
ROA not before: Sun 16 Feb 2025 03:24:11 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4766
IP address blocks: 180.223.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5658 (0x161a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221
Validity
Not Before: Feb 16 03:24:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=417304FE7A1C3FED6CA9D7BCDDC0C71DBCE1089D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:25:40:02:5e:d2:6e:44:ff:86:4a:8d:03:3b:
73:f9:15:73:e3:17:98:4a:a4:07:b1:7a:12:2b:75:
83:23:82:24:3a:e8:b9:da:3f:ff:12:4b:28:ee:d5:
63:cb:c9:ab:1a:33:2b:cd:3f:eb:41:1f:ee:26:ce:
94:e6:62:91:fb:db:e8:18:d0:19:81:36:0e:da:e2:
34:d8:83:07:d7:35:d7:47:e6:61:41:3b:13:e3:a7:
f5:61:d8:54:08:39:11:45:f7:e3:df:db:16:69:88:
17:6b:4c:b7:fd:1a:d5:f6:5c:03:1d:d3:ac:ec:9b:
bf:58:16:df:50:a5:57:b6:7c:92:c1:77:4a:7b:c5:
7d:fb:07:fa:97:2b:cc:59:89:48:f3:bd:f4:0f:54:
f2:4d:89:e2:49:3a:37:a3:12:c8:23:cb:1e:03:97:
a9:3a:ea:f0:70:e3:2a:29:68:b8:19:c3:b6:5f:a1:
9e:3e:99:56:6e:69:1c:64:2f:86:dc:67:68:14:13:
57:52:af:01:ad:93:82:e4:fe:f2:76:10:f0:64:55:
82:4b:ac:39:6c:6f:82:95:ba:97:d5:cf:6c:cf:50:
aa:92:08:e4:d1:ab:e5:6a:cc:a8:68:d0:df:83:14:
0d:53:a3:c3:7e:cf:45:98:da:38:b4:8b:6c:80:d0:
37:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:73:04:FE:7A:1C:3F:ED:6C:A9:D7:BC:DD:C0:C7:1D:BC:E1:08:9D
X509v3 Authority Key Identifier:
keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/QXME_nocP-1sqde83cDHHbzhCJ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
180.223.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:19:3b:c2:32:49:4f:f7:1e:3e:8b:27:45:a3:0d:68:be:6b:
a2:4c:d9:7f:bc:e5:ff:82:8b:f7:08:f0:15:a1:dd:af:00:7b:
0e:c4:94:15:b3:bb:95:ee:17:9c:ca:d0:8b:82:63:49:ed:16:
f7:48:b3:b3:7f:5c:ba:8d:a2:c8:54:ed:2e:3f:72:bb:f0:9c:
44:e1:9d:1e:c3:c5:60:89:98:b6:f9:5a:f1:b5:54:25:8b:eb:
b8:22:10:75:a5:29:6a:d8:fe:5e:ac:40:39:fa:e1:07:c1:b9:
26:7a:2a:2b:be:56:42:82:2e:48:e9:91:a3:68:cf:10:40:0b:
84:1c:df:b7:09:da:99:30:47:7f:3b:3e:42:e1:38:94:f5:ea:
d8:1a:cd:b5:c7:94:39:e0:6c:e0:83:00:21:50:4d:c6:f1:ef:
88:01:db:6f:60:12:44:c9:34:87:38:1a:dd:b1:75:28:a0:3d:
ff:30:75:e1:8c:31:91:1d:1b:4f:7a:25:49:02:d8:5d:7e:43:
92:72:70:57:c8:1c:19:2c:36:0c:90:95:47:13:78:2f:20:0e:
3e:95:15:35:2f:48:52:62:4b:e7:6d:dd:da:72:ef:28:2a:2a:
8b:02:a8:79:7e:10:ac:f6:e7:58:08:ab:e7:fd:c0:32:fc:27:
26:85:c9:f8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw
QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw
MzI0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQxNzMwNEZFN0ExQzNG
RUQ2Q0E5RDdCQ0REQzBDNzFEQkNFMTA4OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnJUACXtJuRP+GSo0DO3P5FXPjF5hKpAexehIrdYMjgiQ66Lna
P/8SSyju1WPLyasaMyvNP+tBH+4mzpTmYpH72+gY0BmBNg7a4jTYgwfXNddH5mFB
OxPjp/Vh2FQIORFF9+Pf2xZpiBdrTLf9GtX2XAMd06zsm79YFt9QpVe2fJLBd0p7
xX37B/qXK8xZiUjzvfQPVPJNieJJOjejEsgjyx4Dl6k66vBw4yopaLgZw7ZfoZ4+
mVZuaRxkL4bcZ2gUE1dSrwGtk4Lk/vJ2EPBkVYJLrDlsb4KVupfVz2zPUKqSCOTR
q+VqzKho0N+DFA1To8N+z0WY2ji0i2yA0DdDAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUQXME/nocP+1sqde83cDHHbzhCJ0wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD
IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvUVhNRV9ub2NQLTFz
cWRlODNjREhIYnpoQ0owLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArTffDANBgkqhkiG9w0BAQsFAAOCAQEAjhk7wjJJT/cePosnRaMNaL5rokzZ
f7zl/4KL9wjwFaHdrwB7DsSUFbO7le4XnMrQi4JjSe0W90izs39cuo2iyFTtLj9y
u/CcROGdHsPFYImYtvla8bVUJYvruCIQdaUpatj+XqxAOfrhB8G5JnoqK75WQoIu
SOmRo2jPEEALhBzftwnamTBHfzs+QuE4lPXq2BrNtceUOeBs4IMAIVBNxvHviAHb
b2ASRMk0hzga3bF1KKA9/zB14YwxkR0bT3olSQLYXX5DknJwV8gcGSw2DJCVRxN4
LyAOPpUVNS9IUmJL523d2nLvKCoqiwKoeX4QrPbnWAir5/3AMvwnJoXJ+A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:02:09 2025 by rpki-client